adam:ONE v4.14.0 Scheduled Release

Version 4.14.0 Scheduled Release is out for pfSense® and ASUS® and VyOS® as of 25 November 2024.

It includes a few improvements and fixes as outlined in previous 4.13 rapid releases. The most significant improvements are:

Muscle changes on all platforms:

  • Fixed problem in case (in)sensitive FQDNs where some upper-case domains weren’t responded the same as lower-case of the same
  • Fixed an issue with an Enabler not taking effect on a schedule change
  • Fine-tuned delegate memory manager
  • Fixed a bug when two sequential schedule blocks used the same policy
  • Added support for DTTS learning mode with --dtts-learning-mode
  • Removed reverse cache lookups for PTR type in-addr.arpa queries
  • Added feature to disable auto-generation of internal PTR records with --disable-synthetic-ptr-answers
  • Fixed an issue with incorrectly updating LastSeen
  • Optimized Reflex-unreachable DNS responses with noerror DNS responses in order to avoid browser caching for short connectivity disruptions
  • MyTools live log now displays current policy name vs schedule policy name
  • Syslog entries with DNS= now shows query/answer latency
  • Changed accepted DoH application subtype to dns+json as per RFC8427
  • Added RFC7873 support | Incoming and outgoing cookies
  • Added RFC8914 support | Extended DNS Errors
  • Added RFC9156 support, re-worked recursion to support qname minimisation and CNAME recursion
  • Added RFC9606 support | DNS Resolver Information
  • Added support for RESINFO resource record type
  • Added support for enablers associated with a subnet-based default profile
  • Update checkin protocol for default profiles per subnet
  • Re-introduced strict CNAME flattening (off by default) to get rid of all CNAMES even if there are no other records
  • Blocked *.resolver.arpa queries from getting out recursively
  • Substantial performance improvements in the packet monitor
  • Other significant improvements and fixes

pfSense® changes:

  • Support for pfSense+ 24.11 (rather than basing it on FreeBSD version).

ASUS® changes:

  • script updates to introduce extra_http_listener which can be used to add lo interface, for example

VyOS® changes:

  • added functionality for immediate DNS responses to unknown layer 3 connections by default policy even before enrolment)

Special thanks to all the testers that made this possible.

For installation of adam:ONE® see:

  1. pfSense®: adamnet.io/pfsense
  2. ASUS®: adamnet.io/asus
  3. VyOS®: adamnet.io/vyos

Note on automatic upgrades

During adamone-setup configure installation wizard, we recommend the default to automatically upgrade adam:ONE® software. When that default is selected, the attempt will be made based on contents in /etc/crontab (pfSense®) or cru l (on ASUS®).

However, in some circumstances, the internet will fail after automatic upgrade, specifically if these conditions are all met:

  • your pfSense is older than what is listed at adamnet.io/pfsense
  • Disable the Dashboard auto-update check is checked (System → Update → Update Settings)
  • the cronjob has executed and upgraded to 4.14.0

The solution is to:

  • upgrade pfSense®
  • re-install adam:ONE®

Thank you
– Adam Networks team

1 Like

This topic was automatically closed after 7 days. New replies are no longer allowed.